GENERAL PRIVACY NOTICE MAY 2018
Purpose of this privacy statement
This is the privacy notice is for Verno Capital UK LLP. It is effective as of 25 May 2018. This privacy notice explains how the we collect and process your personal data. We are committed to protecting your personal data and this privacy statement will explain how we look after it and what rights you have.
Our Contact Details
Our contact details are:
Verno Capital UK LLP
Email address: firstname.lastname@example.org
Postal address: 16 Old Queen Street, London SW1H 9HP
Telephone number: +44 20 3709 3040
If you have any questions about this privacy notice or how we deal with your personal data, including any requests to exercise your legal rights, please contact us using the details above.
Whose personal data do we process
We collect and process the personal data of various categories of people who interact with us, mostly investors and potential investors. This privacy statement applies to all personal data we obtain and process, whichever category you might fall into, and what data we use and how we use it will depend on the particular circumstances, as explained within this notice.
What sort of personal data do we process and how is it collected?
The types of personal data that we will collect and use will depend on various circumstances, for example, your relationship with us, why you are interacting with us and the type of services or products you want us to provide to you. The data may include, for example:
- identity information, such as your name, the company you work for, your job title and department • contact details, such as your email address and phone number(s)
- communication preferences
- information which you provide in subscription documents and other forms
- identity documents and other personal information used to carry out anti-money laundering (AML) checks, or to apply for travel documents on your behalf
- any other personal data we may obtain through you interacting with us
Most of the time we obtain data from you directly as you interact with us, though sometimes we will conduct open source searches for information or receive qualified leads from a third party introducer.
For what purpose do we collect your personal data?
We will only use your personal data for the purposes for which it has been provided to us. Generally, we will process your personal data in order to provide you with those of our services and other offerings you want to receive from us. We will only use your personal data for the purposes for which it has been provided to us, unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis that allows us to do so.
What lawful bases do we rely on to process your personal data?
We will only use your personal data in compliance with the law. Most commonly, where:
It is necessary for our legitimate interests (or those of a third party), and those interests do not override your interests or fundamental rights. Our legitimate interests typically involve direct marketing.
We need to comply with a legal or regulatory obligation. For example, we may be required to share your personal data with any legal or regulatory authority to which we are subject.
Who do we share your personal data with?
We may need to share your personal data with other organisations from time to time, but we will maintain responsibility for what they do with your data and how it is processed. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. For example:
- Service providers who process data for us, including those providing IT and system administration services and hosting.
- Other organisations such as auditors and compliance consultants
- to competent authorities (including tax authorities), courts and bodies as required by law or requested or to affiliates for internal investigations and reporting
If we need to transfer your personal data out of the EEA, we will ensure a similar degree of protection is afforded to it as if it were being processed within the EEA. For example:
- We will transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
How do we look after your data?
We have put in place appropriate security measures to help prevent your personal data from being accidentally lost, used or accessed in an unauthorised way. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How long will we use your personal data for?
We will only keep your personal data for as long as necessary to fulfil the purposes for which we collected it or to enable us to comply with our legal obligations or enforce our legal rights.
At the end of the retention period, we will either delete your data completely, or anonymise it so that, for example, we can aggregate it with other data so that it can be used, without identifying you.
What are your legal rights?
You have the right to access information held about you and may request that we amend, delete or update such information. You may submit a request to: email@example.com
Please note that there may be circumstances where we cannot delete information that we hold about you because of our legal obligations.
Accessing your data
Should you wish to access your data, the following information will apply:
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Changes to this privacy statement or to your data
This privacy statement may change from time to time so please check it periodically. Any significant changes will be posted on our website.
The personal data we hold about you needs to be accurate and up-to-date in order to comply with data protection law. Please let us know of any changes to your personal data so that we can correct our records.
Please contact us at GDPR@verno-capital.com in the first instance if you have a concern about how we are dealing with your personal data, though you are entitled to complain at any time to the Information Commissioner’s Office (ICO) at www.ico.org.uk.